--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.17.3 labels: app.kubernetes.io/component: crds app.kubernetes.io/instance: kyverno app.kubernetes.io/part-of: kyverno-crds app.kubernetes.io/version: 3.4.1 name: validatingpolicies.policies.kyverno.io spec: group: policies.kyverno.io names: categories: - kyverno kind: ValidatingPolicy listKind: ValidatingPolicyList plural: validatingpolicies shortNames: - vpol singular: validatingpolicy scope: Cluster versions: - additionalPrinterColumns: - jsonPath: .metadata.creationTimestamp name: AGE type: date - jsonPath: .status.conditionStatus.ready name: READY type: string name: v1alpha1 schema: openAPIV3Schema: properties: apiVersion: type: string kind: type: string metadata: type: object spec: properties: auditAnnotations: items: properties: key: type: string valueExpression: type: string required: - key - valueExpression type: object type: array x-kubernetes-list-type: atomic autogen: properties: podControllers: properties: controllers: items: type: string type: array type: object validatingAdmissionPolicy: properties: enabled: type: boolean type: object type: object evaluation: properties: admission: properties: enabled: default: true type: boolean type: object background: properties: enabled: default: true type: boolean type: object mode: type: string type: object failurePolicy: enum: - Ignore - Fail type: string matchConditions: items: properties: expression: type: string name: type: string required: - expression - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map matchConstraints: properties: excludeResourceRules: items: properties: apiGroups: items: type: string type: array x-kubernetes-list-type: atomic apiVersions: items: type: string type: array x-kubernetes-list-type: atomic operations: items: type: string type: array x-kubernetes-list-type: atomic resourceNames: items: type: string type: array x-kubernetes-list-type: atomic resources: items: type: string type: array x-kubernetes-list-type: atomic scope: type: string type: object x-kubernetes-map-type: atomic type: array x-kubernetes-list-type: atomic matchPolicy: type: string namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic objectSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic resourceRules: items: properties: apiGroups: items: type: string type: array x-kubernetes-list-type: atomic apiVersions: items: type: string type: array x-kubernetes-list-type: atomic operations: items: type: string type: array x-kubernetes-list-type: atomic resourceNames: items: type: string type: array x-kubernetes-list-type: atomic resources: items: type: string type: array x-kubernetes-list-type: atomic scope: type: string type: object x-kubernetes-map-type: atomic type: array x-kubernetes-list-type: atomic type: object x-kubernetes-map-type: atomic validationActions: items: enum: - Deny - Audit - Warn type: string type: array x-kubernetes-list-type: set validations: items: properties: expression: type: string message: type: string messageExpression: type: string reason: type: string required: - expression type: object type: array x-kubernetes-list-type: atomic variables: items: properties: expression: type: string name: type: string required: - expression - name type: object x-kubernetes-map-type: atomic type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map webhookConfiguration: properties: timeoutSeconds: format: int32 type: integer type: object type: object status: properties: autogen: properties: configs: additionalProperties: properties: spec: properties: auditAnnotations: items: properties: key: type: string valueExpression: type: string required: - key - valueExpression type: object type: array x-kubernetes-list-type: atomic autogen: properties: podControllers: properties: controllers: items: type: string type: array type: object validatingAdmissionPolicy: properties: enabled: type: boolean type: object type: object evaluation: properties: admission: properties: enabled: default: true type: boolean type: object background: properties: enabled: default: true type: boolean type: object mode: type: string type: object failurePolicy: enum: - Ignore - Fail type: string matchConditions: items: properties: expression: type: string name: type: string required: - expression - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map matchConstraints: properties: excludeResourceRules: items: properties: apiGroups: items: type: string type: array x-kubernetes-list-type: atomic apiVersions: items: type: string type: array x-kubernetes-list-type: atomic operations: items: type: string type: array x-kubernetes-list-type: atomic resourceNames: items: type: string type: array x-kubernetes-list-type: atomic resources: items: type: string type: array x-kubernetes-list-type: atomic scope: type: string type: object x-kubernetes-map-type: atomic type: array x-kubernetes-list-type: atomic matchPolicy: type: string namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic objectSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic resourceRules: items: properties: apiGroups: items: type: string type: array x-kubernetes-list-type: atomic apiVersions: items: type: string type: array x-kubernetes-list-type: atomic operations: items: type: string type: array x-kubernetes-list-type: atomic resourceNames: items: type: string type: array x-kubernetes-list-type: atomic resources: items: type: string type: array x-kubernetes-list-type: atomic scope: type: string type: object x-kubernetes-map-type: atomic type: array x-kubernetes-list-type: atomic type: object x-kubernetes-map-type: atomic validationActions: items: enum: - Deny - Audit - Warn type: string type: array x-kubernetes-list-type: set validations: items: properties: expression: type: string message: type: string messageExpression: type: string reason: type: string required: - expression type: object type: array x-kubernetes-list-type: atomic variables: items: properties: expression: type: string name: type: string required: - expression - name type: object x-kubernetes-map-type: atomic type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map webhookConfiguration: properties: timeoutSeconds: format: int32 type: integer type: object type: object required: - spec type: object type: object type: object conditionStatus: properties: conditions: items: properties: lastTransitionTime: format: date-time type: string message: maxLength: 32768 type: string observedGeneration: format: int64 minimum: 0 type: integer reason: maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: enum: - "True" - "False" - Unknown type: string type: maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object type: array message: type: string ready: type: boolean type: object generated: type: boolean type: object required: - spec type: object served: true storage: true subresources: status: {}